On the Security of Rate-limited Privacy Pass

Time:

Venue/Location: Phòng C101, VIASM, 157 phố Chùa Láng, Hà Nội

Speaker: Khue Do (CISPA Helmholtz Center for Information Security, Germany).

Time: 14:00 pm - 15:30 pm, Friday, 29/12/2023

Mode of participation: online/offline

Title: On the Security of Rate-limited Privacy Pass

Abstract: The privacy pass protocol allows users to redeem anonymously issued cryptographic tokens instead of solving annoying CAPTCHAs. The issuing authority verifies the credibility of the user, who can later use the pass while browsing the web using an anonymous or virtual private network. Hendrickson et al. proposed an IETF draft (privacypass-rate-limit-tokens-00) for a rate-limiting version of the privacy pass protocol, also called rate-limited Privacy Pass (RlP). Introducing a new actor called a mediator makes both versions inherently different. The mediator applies access policies to rate-limit users’ access to the service while, at the same time, should be oblivious to the website/origin the user is trying to access. In this paper, we formally define the rate-limited Privacy Pass protocol and propose a game-based security model to capture the informal security notions introduced by Hendrickson et al.. We show a construction from simple building blocks that fulfills our security definitions and even allows for a post-quantum secure instantiation. Interestingly, the instantiation proposed in the IETF draft is a specific case of our construction. Thus, we can reuse the security arguments for the generic construction and show that the version used in practice is secure.

This is based on joint work with Hien Chu and Lucjan HanzlikThe work was presented in ACM CCS 2023 conference.

Article link: https://ia.cr/2023/1805